Need help on a piece of code

[illuz1on]

Hey,

This is a form I use to add information to a database, and upload an image to images/ ... I'm trying to get the INSERT statement to get the name of the newly uploaded picture and save it as 'picture' field in the table...

 

At the moment I fill in all the fields, click "Submit" and it doesn't show any errors or a success display, it just shows the form again, blank.

 

Thanks alot, will be so thankful if someone can help me out here

 

<?
    } elseif( $_GET["action"] == "add2" ){

echo"<form name=\"newad\" method=\"post\" enctype=\"multipart/form-data\"  action=\"?action=add2\">
<table width=\"\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">
  <tr>
      <td width=\"11%\">Name:</td>
    <td width=\"89%\"><INPUT TYPE=\"TEXT\" NAME=\"name\" SIZE=36></td>
  </tr>
  <tr>
      <td>Beach Image:</td>
    <td><input type=\"file\" name=\"image\" SIZE=\"36\"></td>
  </tr>
  <tr>
      <td>Rating:</td>
    <td><INPUT TYPE=\"TEXT\" NAME=\"rating\" SIZE=36></td>
  </tr>
  <tr>
      <td>Short Desc:</td>
    <td><TEXTAREA NAME=\"sdesc\" ROWS=10 COLS=30></TEXTAREA></td>
  </tr>
  <tr>
      <td>Long Desc:</td>
    <td><TEXTAREA NAME=\"ldesc\" ROWS=10 COLS=30></TEXTAREA></td>
  </tr>
    <tr>
      <td>Ocean:</td>
    <td><INPUT TYPE=\"TEXT\" NAME=\"ocean\" SIZE=36></td>
  </tr>
    <tr>
      <td>Surfing Info:</td>
    <td><INPUT TYPE=\"TEXT\" NAME=\"surfing\" SIZE=36></td>
  </tr>
    <tr>
      <td>Directions:</td>
    <td><INPUT TYPE=\"TEXT\" NAME=\"directions\" SIZE=36></td>
  </tr>
</table>
      <input type=\"submit\" value=\"Add Beach\" />
</form>";

  define ("MAX_SIZE","10000");

function getExtension($str) {
         $i = strrpos($str,".");
         if (!$i) { return ""; }
         $l = strlen($str) - $i;
         $ext = substr($str,$i+1,$l);
         return $ext;
}
$errors=0;

if(isset($_POST['Submit']))
{
    $image=$_FILES['image']['name'];
    if ($image)
    {
        $filename = stripslashes($_FILES['image']['name']);
          $extension = getExtension($filename);
        $extension = strtolower($extension);
if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif"))
        {
            echo '<h1>Unknown extension!</h1>';
            $errors=1;
        }
        else
        {
$size=filesize($_FILES['image']['tmp_name']);


if ($size > MAX_SIZE*1024)
{
    echo 'You have exceeded the size limit!';
    $errors=1;
}


$image_name=time().'.'.$extension;

$newname="images/".$image_name;

$copied = copy($_FILES['image']['tmp_name'], $newname);
if (!$copied)
{
    echo 'Copy unsuccessfull!';
    $errors=1;
}}}}

if(isset($_POST['Submit']) && !$errors)
{
$picins = "$newname";
    $sql="INSERT INTO beaches (picture, rating, name, sdesc, ldesc, ocean, surfing, directions) VALUES ('$picins','$_GET[rating]','$_GET[name]', '$_GET[sdesc]', '$_GET[ldesc]', '$_GET[ocean]', '$_GET[surfing]', '$_GET[directions]')";
if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
echo "Beach Added - Check to see if it is valid!";
    echo "Beach Image Uploaded Successfully!";
echo "$picins";
}


    ?> 

 

 

[dymon]

Hi,

 

the method of the form is POST:

<form name=\"newad\" [b]method=\"post\"[/b] enctype=\"multipart/form-data\"  action=\"?action=add2\">

 

but when you insert into the database you use the global array GET:

$sql="INSERT INTO beaches (picture, rating, name, sdesc, ldesc, ocean, surfing, directions) VALUES ('$picins','$_GET[rating]','$_GET[name]', '$_GET[sdesc]', '$_GET[ldesc]', '$_GET[ocean]', '$_GET[surfing]', '$_GET[directions]')";

change it to what is should be and try again.

 

Dymon